CVE-2015-1192

Name of the Vulnerable Software and Affected Versions kgb version 1.0b4

Description The issue allows remote attackers to write to arbitrary files via a full pathname in a crafted archive, due to an absolute path traversal vulnerability.

Recommendations For version 1.0b4, consider restricting access to archive processing functionality until a patch is available. As a temporary workaround, avoid using the archive feature to minimize the risk of exploitation. At the moment, there is no information about a newer version that contains a fix for this vulnerability.